Greenlight Approvals by Brio Foundry

Privacy Policy

Entity: ROBIN SINGH CHAUHAN AND PARTNERS LLP · Effective date: 2026-07-10 · Contact: privacy@briofoundry.com


1. Overview

Greenlight Approvals (“the App”, “we”) is an application that runs inside the monday.com platform and adds approval / sign-off workflows to monday items, subitems, and dashboards. This policy explains what data the App accesses, stores, and shares.

The App is installed by a monday.com account and operates only within that account. We are a data processor; the monday.com account that installs the App is the data controller of the content it processes.

2. Data we access (monday OAuth scopes)

The App requests the following monday.com scopes, each used solely to provide approval functionality:

Scope Why we need it
boards:read Read item, subitem, and column data to show approvals in context and resolve approvers from People columns/teams.
boards:write Create or adopt the approval status and approvers columns and write the current approval status.
updates:write Post approval requests and decisions to the item’s Updates thread and attach requester files.
notifications:write Send in-app monday notifications to approvers and requesters.
users:read Resolve approver/requester display names for the UI.
teams:read Expand a team into its member approvers when a team is assigned.

3. Data we store

The App stores the minimum data needed to run approval workflows, in monday-code Storage — monday.com’s managed, account-scoped storage. Each account’s data is written and read only with that account’s own monday token. We store:

We do not store monday user names or email addresses; display names are resolved on demand from the monday API and not persisted. We do not store board content beyond the approval-related fields listed above.

User-authored text (approval names, messages, decision comments, external reviewer labels) is stored as entered and may contain personal data if the user includes it.

4. Third parties and sub-processors

The App calls no third-party services. All network calls go only to monday.com endpoints (api.monday.com, auth.monday.com) and the App is hosted on monday-code, monday.com’s managed hosting and storage platform. We use no independent analytics, advertising, external databases, or logging providers.

5. Security

6. Data retention and deletion

7. Your rights

Depending on your jurisdiction (e.g., GDPR/CCPA) you may have rights to access, correct, or delete personal data. Because we act as a processor for the installing account, direct such requests to that account’s administrator, or to us at privacy@briofoundry.com and we will assist the controller.

8. Changes

We may update this policy; material changes will be reflected by the effective date above and, where required, communicated through the marketplace listing.

9. Contact

ROBIN SINGH CHAUHAN AND PARTNERS LLP · privacy@briofoundry.com